Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/2b5e7c-67b1-477d-895f-8f5fc92125db/1/vmCYxXBe6-CXL6B1D1C_4Plw6tE.roa
File: vmCYxXBe6-CXL6B1D1C_4Plw6tE.roa (raw, json)
Hash identifier: BOX7FDtGe/sQ9owge+TRj9jp46uxKtCvT9m2x87H1K8=
Subject key identifier: BE:60:98:C5:70:5E:EB:E0:97:2F:A0:75:0F:50:BF:E0:F9:70:EA:D1
Certificate issuer: /CN=66d337d330ba44efcfef555355132a6a2c69783c
Certificate serial: 0194206825B1E84E01456D8419B501171AF8
Authority key identifier: 66:D3:37:D3:30:BA:44:EF:CF:EF:55:53:55:13:2A:6A:2C:69:78:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZtM30zC6RO_P71VTVRMqaixpeDw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/2b5e7c-67b1-477d-895f-8f5fc92125db/1/vmCYxXBe6-CXL6B1D1C_4Plw6tE.roa
Signing time: Wed 01 Jan 2025 05:48:03 +0000
ROA not before: Wed 01 Jan 2025 05:48:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206635
IP address blocks: 185.176.56.0/22 maxlen: 22
185.176.56.0/24 maxlen: 24
185.176.57.0/24 maxlen: 24
185.176.58.0/24 maxlen: 24
185.176.59.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b8/2b5e7c-67b1-477d-895f-8f5fc92125db/1/ZtM30zC6RO_P71VTVRMqaixpeDw.crl
rsync://rpki.ripe.net/repository/DEFAULT/b8/2b5e7c-67b1-477d-895f-8f5fc92125db/1/ZtM30zC6RO_P71VTVRMqaixpeDw.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZtM30zC6RO_P71VTVRMqaixpeDw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 15 May 2025 08:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:25:b1:e8:4e:01:45:6d:84:19:b5:01:17:1a:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66d337d330ba44efcfef555355132a6a2c69783c
Validity
Not Before: Jan 1 05:48:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=be6098c5705eebe0972fa0750f50bfe0f970ead1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:0e:49:76:8a:8c:b9:6a:0e:75:c9:d9:89:9e:
9a:66:58:28:61:d9:60:36:bf:b2:e3:78:ff:0a:f0:
4c:41:74:d6:02:c9:c6:d6:57:f8:10:1f:1a:c2:46:
9b:e7:67:9b:9e:20:29:dc:ea:4b:46:97:d8:9a:b3:
20:b1:a2:6c:9b:d7:b2:c9:5c:7e:36:ab:55:e0:c7:
47:eb:21:55:82:cf:3a:ac:4f:76:4a:76:f0:ec:36:
1e:b3:97:d5:91:3f:ed:d1:71:bc:d9:a3:6f:1c:2c:
7c:2c:22:ea:75:83:6f:58:f4:01:8c:29:3c:82:40:
12:a5:83:cd:37:25:d4:74:37:27:32:8b:07:94:5d:
d2:e1:b2:7b:c7:c2:40:d1:47:6b:7f:54:19:80:89:
e6:cc:7c:d6:c9:75:a4:e9:ba:13:32:4c:e9:32:f0:
fa:ab:e4:9e:03:ba:60:6e:ee:1f:9a:65:86:4c:5b:
b8:1b:36:c8:59:eb:bd:74:35:3b:91:be:e3:56:a3:
cf:95:14:8d:70:21:30:22:4a:9b:c2:5a:9a:05:d3:
0f:86:f2:59:2a:00:e0:a7:4c:d9:52:d8:ba:8c:a5:
4d:90:ac:be:f7:b3:af:1a:c8:bf:92:75:e0:ee:4d:
0e:f8:c9:65:1b:f6:02:bf:07:20:5a:72:41:70:85:
a0:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:60:98:C5:70:5E:EB:E0:97:2F:A0:75:0F:50:BF:E0:F9:70:EA:D1
X509v3 Authority Key Identifier:
keyid:66:D3:37:D3:30:BA:44:EF:CF:EF:55:53:55:13:2A:6A:2C:69:78:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZtM30zC6RO_P71VTVRMqaixpeDw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/2b5e7c-67b1-477d-895f-8f5fc92125db/1/vmCYxXBe6-CXL6B1D1C_4Plw6tE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/2b5e7c-67b1-477d-895f-8f5fc92125db/1/ZtM30zC6RO_P71VTVRMqaixpeDw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.176.56.0/22
Signature Algorithm: sha256WithRSAEncryption
3c:4d:f3:c2:8d:89:aa:0c:dc:af:a2:61:81:f0:54:d1:7f:bb:
d1:00:f8:0d:7b:2e:b5:f3:b8:9c:f7:64:4d:5b:ca:e8:f8:89:
24:8c:9b:3b:93:20:07:e4:89:aa:3e:98:68:64:f6:8e:5a:14:
92:8d:01:f3:49:56:e6:de:22:aa:38:6c:17:41:7d:fb:c1:5f:
3d:56:36:71:d6:ee:c5:d7:d4:2c:7c:67:d6:43:d6:78:1d:1c:
52:0c:e7:82:71:1c:e2:2c:6a:37:8c:a1:3b:90:96:39:73:79:
82:33:88:ac:ab:02:cc:4d:43:22:5d:f0:16:b8:33:e6:bf:8d:
44:b0:e8:82:e4:ba:ed:96:4d:e5:6e:8b:f3:2a:77:fd:42:2b:
7e:aa:4d:a2:66:34:d9:9b:09:fb:87:b8:d9:2d:84:dd:46:11:
a7:29:44:ad:5c:cc:24:87:8f:4b:74:88:83:02:f8:25:b9:69:
2d:b8:0c:2b:9a:8d:9f:c4:4c:fe:56:68:84:a9:cb:73:e8:e0:
29:80:3a:db:e5:55:70:b5:0e:72:d3:b3:48:de:32:33:e5:27:
87:a1:68:9b:8f:53:dc:25:b3:10:b6:d3:8a:5f:81:1b:1c:33:
5b:49:de:55:ea:00:f7:4c:e3:90:8d:d3:9c:f0:72:8f:11:fe:
05:8a:76:f7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQgaCWx6E4BRW2EGbUBFxr4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2ZDMzN2QzMzBiYTQ0ZWZjZmVmNTU1MzU1MTMyYTZhMmM2
OTc4M2MwHhcNMjUwMTAxMDU0ODAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTYwOThjNTcwNWVlYmUwOTcyZmEwNzUwZjUwYmZlMGY5NzBlYWQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvQ5JdoqMuWoOdcnZiZ6aZlgoYdlg
Nr+y43j/CvBMQXTWAsnG1lf4EB8awkab52ebniAp3OpLRpfYmrMgsaJsm9eyyVx+
NqtV4MdH6yFVgs86rE92Snbw7DYes5fVkT/t0XG82aNvHCx8LCLqdYNvWPQBjCk8
gkASpYPNNyXUdDcnMosHlF3S4bJ7x8JA0Udrf1QZgInmzHzWyXWk6boTMkzpMvD6
q+SeA7pgbu4fmmWGTFu4GzbIWeu9dDU7kb7jVqPPlRSNcCEwIkqbwlqaBdMPhvJZ
KgDgp0zZUti6jKVNkKy+97OvGsi/knXg7k0O+MllG/YCvwcgWnJBcIWgJQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFL5gmMVwXuvgly+gdQ9Qv+D5cOrRMB8GA1UdIwQY
MBaAFGbTN9MwukTvz+9VU1UTKmosaXg8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnRNMzB6QzZST19QNzFWVFZSTXFhaXhwZUR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC8yYjVlN2MtNjdiMS00NzdkLTg5NWYt
OGY1ZmM5MjEyNWRiLzEvdm1DWXhYQmU2LUNYTDZCMUQxQ180UGx3NnRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC8yYjVlN2MtNjdiMS00NzdkLTg5NWYtOGY1ZmM5MjEyNWRi
LzEvWnRNMzB6QzZST19QNzFWVFZSTXFhaXhwZUR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCubA4MA0G
CSqGSIb3DQEBCwUAA4IBAQA8TfPCjYmqDNyvomGB8FTRf7vRAPgNey6187ic92RN
W8ro+IkkjJs7kyAH5ImqPphoZPaOWhSSjQHzSVbm3iKqOGwXQX37wV89VjZx1u7F
19QsfGfWQ9Z4HRxSDOeCcRziLGo3jKE7kJY5c3mCM4isqwLMTUMiXfAWuDPmv41E
sOiC5Lrtlk3lbovzKnf9Qit+qk2iZjTZmwn7h7jZLYTdRhGnKUStXMwkh49LdIiD
AvgluWktuAwrmo2fxEz+VmiEqctz6OApgDrb5VVwtQ5y07NI3jIz5SeHoWibj1Pc
JbMQttOKX4EbHDNbSd5V6gD3TOOQjdOc8HKPEf4Finb3
-----END CERTIFICATE-----
Generated at Wed May 14 12:09:18 2025 by rpki-client